多个林-单个AAD实例-单个365 Tennant-第二个林未同步 [英] Multiple Forest - Single AAD instance - Single 365 Tennant - 2nd forest not syncing

问题描述

我对此设置有疑问.

AAD已安装在森林1中->同步到365 Tennant

AAD is installed in Forest 1 -> syncs to 365 Tennant

对森林2的完全可传递森林信任，其中有需要同步到森林1的365 Tennant的UPN的用户

Full Transitive Forest Trust to Forest 2 where there are users with the UPN that needs to sync to 365 Tennant of forest 1

最初设置要进行同步时，我能够添加林，并且该林一次同步了用户.

When initially set up for syncing, I was able to add the forest and it synced the users once.

它再也没有更新森林2.

It never updated forest 2 again.

森林1可以进行同步.森林2无法获取密码/用户更新.

Forest 1 is fine with syncing. Forest 2 does not get password/user updates.

有什么建议吗?

两个林域控制器/和AAD服务器之间的防火墙是完全打开的

Firewalls are completely open between the two forests domain controllers/and AAD server

推荐答案

可以监视Azure AD Connect运行状况中的同步吗?您是否有任何暗示为什么会发生这种现象?如果您可以发布一些运行状况监视器错误并运行跟踪日志，则更容易查明问题.

另一个林的管理员帐户可能已更改，需要更新以匹配.发生这种情况时，通常会发生此类同步错误.

Can you monitor the sync in Azure AD Connect Health? Do you have any hints there for why this behavior is occurring? If you can post some of the health monitor errors and run a trace log it will be easier to pinpoint the problem.

It's possible that the admin account for the other forest may have changed and it needs to be updated to match. Often these sorts of sync errors occur when this happens. 

这篇关于多个林-单个AAD实例-单个365 Tennant-第二个林未同步的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！